D-Link DIR-823X
cpe:2.3:h:dlink:dir-823x:*:*:*:*:*:*:*, +1 more
- 250416
A command injection vulnerability has been identified in the D-Link DIR-823X router, specifically in the 250416 firmware version. The issue arises in the 'uci_del' function within the '/goform/delete_prohibiting' file, where the 'delvalue' parameter is not properly validated. This lack of input validation allows attackers to manipulate the parameter and execute arbitrary commands on the device. The vulnerability can be exploited remotely, and a public proof-of-concept exploit is available.
Exploitation of this vulnerability allows for arbitrary command execution on the affected device.
To reproduce this vulnerability, log into the router and send a POST request to the '/goform/delete_prohibiting' endpoint. Include a crafted 'delvalue' parameter that exploits the input validation flaw in the 'uci_del' function. The injected command will be executed on the router's operating system.
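As a detection aid for the request described above, the following added example (not part of the original advisory and not vendor code) scans captured HTTP requests for POSTs to '/goform/delete_prohibiting' whose decoded 'delvalue' contains shell metacharacters. The metacharacter set, the record layout, and the sample requests are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qs, urlsplit

ENDPOINT = "/goform/delete_prohibiting"  # endpoint named in the advisory
PARAM = "delvalue"                       # parameter named in the advisory
# Assumption: characters a POSIX shell treats specially; tune for your logs.
SHELL_META = re.compile(r"[;|&`$()<>\r\n]")


def suspicious_values(method, url, body):
    """Return decoded delvalue values that contain shell metacharacters."""
    parts = urlsplit(url)
    if method.upper() != "POST" or parts.path.rstrip("/") != ENDPOINT:
        return []
    values = []
    # The parameter may arrive in the form body or in the query string.
    for encoded in (body, parts.query):
        values += parse_qs(encoded, keep_blank_values=True).get(PARAM, [])
    return [v for v in values if SHELL_META.search(v)]


def scan(records):
    """records: iterable of (source_ip, method, url, body) tuples."""
    alerts = []
    for src, method, url, body in records:
        for value in suspicious_values(method, url, body):
            alerts.append((src, value))
    return alerts


# Constructed sample requests (documentation IPs, placeholder values).
SAMPLE = [
    ("192.0.2.10", "POST", "/goform/delete_prohibiting", "delvalue=3"),
    ("192.0.2.44", "POST", "/goform/delete_prohibiting", "delvalue=3%3BPLACEHOLDER"),
    ("192.0.2.44", "POST", "/goform/delete_prohibiting", "delvalue=3%0APLACEHOLDER"),
    ("192.0.2.10", "GET", "/goform/delete_prohibiting", "delvalue=a%7Cb"),
    # "/goform/other_form" is a hypothetical path, used only as a negative case.
    ("192.0.2.10", "POST", "/goform/other_form", "delvalue=a%7Cb"),
]

if __name__ == "__main__":
    for src, value in scan(SAMPLE):
        print(f"ALERT {src} {PARAM}={value!r}")
```

Values are checked after URL decoding, so percent-encoded separators and newlines are caught as well as literal ones.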